Anonymity at all times on the internet?

[WarHammerFiveFive]

By the way, MAC addresses do not get transmitted so they are a no-go as far as being in Big Brother's scary inventory of identifying tools:
http://developers.evrsoft.com/forum/...php/t-699.html

[zbx]

another alternative i've read about is that is you visit one site and then close out your browser and then flush with CCleaner and/or BleachBit. kind of a pain though. would be a lot better if there was just an option to be anonymous on the internet but there are too many people getting rich behind the scenes by stealing + compiling all this data on people. TrackerBlock now lists 663 different companies involved that need to be blocked.

[strokes762]

I have a hard way of "Anonymously" browsing the internet:

Go to regedit in your windows PC and follow this path >>

Quote:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Class\

Here your setting for each network adapter is found. There is a string value called "NetworkAddress" and that should be the value of your MAC (Media Access Control) address. Write this value down and do not loose it. Then using DevCon (http://support.microsoft.com/kb/311272) you can reset your network adapter settings and this should change your MAC address to another one that will work.

When this is done (and you will need 2 computers for this) boot an Ubuntu Linux server live CD on one computer and connect to a network, then connect a wireless adapter and create an ad-hoc network (https://help.ubuntu.com/community/WifiDocs/Adhoc). With the ad-hoc make sure your encryption key is at least 16 characters long and include letters, numbers and atleast 2 symbols (*,$,+, etc.) Then (this is the hardest part) set up the firewall for your network with Ubuntu (http://1000umbrellas.com/2010/04/29/...id-lynx-server). This will only allow traffic that you approve through, so make sure you add the static IP of your router and the static IP of the computer you will be connecting wirelessly to the Ubuntu machine. You can find the IP of your windows machine by going to the command prompt and typing "ipconfig." Even if you are not connected to a network you will still receive an IP address (either 255.255.255.0 or 255.255.255.255).

You can also go into your router that your ISP provides by opening a web browser and typing 192.168.0.1 in the address bar (this is your local IP address 99% of the time) and after you login using the default credentials your ISP provides you can create a "static MAC table" and enter the MAC address that your Ubuntu server pseudo host has by typing "ifconfig -a" in the terminal window. Then every 8 octet code that follows the word "HWaddr" should be entered into your static MAC address table.

After this is done connect the Ubuntu server booted machine to your router with an Ethernet cable. Wait until it says you are connected to the internet. Then use a wireless adapter with your windows PC and connect to the wireless ad-hoc network using the password you created earlier. If done right you can access the internet "anonymously."

Now you may be asking "hmmm, hey strokes why do you say 'anomalously'?" Well good question my friend. Its not entirely anonymous, sorry. But, it is significantly harder to see your network activity and because you changed your MAC address no one can look for your specific network adapter, for all they know it belongs to Joe Smoe down the street. Add a firewalled hard wired Linux based host and any hacker looking to mess with you will have a run for his money. It will SLOW down anyone trying to look at your network activity. So if the NSA is after you then you have bigger problems than someone knowing about what adult XXX content you viewed last Tuesday.


Now how do I know this works? I used this method for a project in a networking security elective class I'm taking now. My friend and I used our laptops (my PC and his Ubuntu Linux) and a $25 wired router from Radio Shack to build a mock network and our professor tried to access a .txt file that he had an SA put on my C: drive. He couldn't do it in an hour but told us that if we wanted to stay for a few more hours he could do it.

We also got an "A"

[canuckcoyote]

Quote:

Originally Posted by strokes762

I have a hard way of "Anonymously" browsing the internet:

Go to regedit in your windows PC and follow this path >>


Here your setting for each network adapter is found. There is a string value called "NetworkAddress" and that should be the value of your MAC (Media Access Control) address. Write this value down and do not loose it. Then using DevCon (http://support.microsoft.com/kb/311272) you can reset your network adapter settings and this should change your MAC address to another one that will work.

When this is done (and you will need 2 computers for this) boot an Ubuntu Linux server live CD on one computer and connect to a network, then connect a wireless adapter and create an ad-hoc network (https://help.ubuntu.com/community/WifiDocs/Adhoc). With the ad-hoc make sure your encryption key is at least 16 characters long and include letters, numbers and atleast 2 symbols (*,$,+, etc.) Then (this is the hardest part) set up the firewall for your network with Ubuntu (http://1000umbrellas.com/2010/04/29/...id-lynx-server). This will only allow traffic that you approve through, so make sure you add the static IP of your router and the static IP of the computer you will be connecting wirelessly to the Ubuntu machine. You can find the IP of your windows machine by going to the command prompt and typing "ipconfig." Even if you are not connected to a network you will still receive an IP address (either 255.255.255.0 or 255.255.255.255).

You can also go into your router that your ISP provides by opening a web browser and typing 192.168.0.1 in the address bar (this is your local IP address 99% of the time) and after you login using the default credentials your ISP provides you can create a "static MAC table" and enter the MAC address that your Ubuntu server pseudo host has by typing "ifconfig -a" in the terminal window. Then every 8 octet code that follows the word "HWaddr" should be entered into your static MAC address table.

After this is done connect the Ubuntu server booted machine to your router with an Ethernet cable. Wait until it says you are connected to the internet. Then use a wireless adapter with your windows PC and connect to the wireless ad-hoc network using the password you created earlier. If done right you can access the internet "anonymously."

Now you may be asking "hmmm, hey strokes why do you say 'anomalously'?" Well good question my friend. Its not entirely anonymous, sorry. But, it is significantly harder to see your network activity and because you changed your MAC address no one can look for your specific network adapter, for all they know it belongs to Joe Smoe down the street. Add a firewalled hard wired Linux based host and any hacker looking to mess with you will have a run for his money. It will SLOW down anyone trying to look at your network activity. So if the NSA is after you then you have bigger problems than someone knowing about what adult XXX content you viewed last Tuesday.


Now how do I know this works? I used this method for a project in a networking security elective class I'm taking now. My friend and I used our laptops (my PC and his Ubuntu Linux) and a $25 wired router from Radio Shack to build a mock network and our professor tried to access a .txt file that he had an SA put on my C: drive. He couldn't do it in an hour but told us that if we wanted to stay for a few more hours he could do it.

We also got an "A"

Holy crap !! lol

[Singular1ty]

Quote:

Originally Posted by aerbourne

I'm trying to find a way to browse things on the internet without anyone being able to find out what ive been doing. I realize that nothing is going to be 100% effective...but I want to put some solid measures between my electronic history and techy people that might be trying to find it for whatever reason. I don't want the government being able to easily look at all the stuff i look up on this site or all of the end of the world-esque stuff i look up and start forming conclusions about me, or an employer down the road thinking im some gun toting anarchist. Whatever the circumstance, I don't want people knowing my business.

I'm semi-techy. As in, I know computer specs, am up to date on web culture, can get basic projects and such done with the help of google, etc. But as far as programming goes, I don't know much past some basic html tags.

Right now (as of yesterday), I've started browsing the web through a portable version of google chrome on a flashdrive and running things through a proxy like hidemyass.com. What else/better things could I be doing to hide my actions? Also, using a proxy site is kindof a pain and definitely slows down page load times, is there a plugin i could get or an actual proxy program I could be using that just works in the background that I don't have to deal with and look at all the time?

Pardon the foil hat paranoia.

Well for starters the old trick of clearing your history through the browser doesn't work.

Here are a list of programs I recommend:

DECAF - This defeats the standard FBI and police forensics program called CAFFEINE.

Ccleaner - Erases the web history all the way down to the index.dat files.

Spybot search and destroy for obvious reasons.

Tor - Far, far, far superior then a lousy proxy.

[Savinkov]

Quote:

Originally Posted by WarHammerFiveFive

By the way, MAC addresses do not get transmitted so they are a no-go as far as being in Big Brother's scary inventory of identifying tools:
http://developers.evrsoft.com/forum/...php/t-699.html

It's true that they are stripped off the packets before they're sent over
the Internet. But if Uncle Bug-Breath (Or whoever) is able to interrogate
your hardware with "Something", they can find it.

And that's the question... have they got such a "Something"? You can
bet your ass they're thinking about it. If they can get some spyware
onto your machine or a sniffer onto your LAN it can "collect" information
like that and transmit it. The newer breed of Trojans (conficker, etc.)
were specifically designed to do that (and nobody yet knows who
designed them AFAIK).

Additionally, as I posted earlier, if you're using IPV6, the MAC address *IS*
*embedded* in the IPV6 address. (Nice improvement, huh? For your
"convenience". or "protection". or... or... or...). Be sure to upgrade real
soon... (I notice it's installed by default on Windows 7, FI).

Reprogramming the MAC address the way @strokes762 does it will work
if you've really reprogrammed it, but just changing it in the registry will
not fool something that's looking in the hardware for a signature. He's
right, though, that it's a question of how high you're trying to raise the
bar, whom you're trying to keep out, what you're trying to hide, etc...

[aerbourne]

Quote:

Originally Posted by martom50

I don't know what you are browsing, but unless it is illegal (i.e. kiddie porn) whats the problem? If it is illegal, I hope you get caught.

i dont want future employers to be able to see all the crazy stuff i look up thats related to this site. there is way too much on the border kind of stuff that i research and way too many abrasive opinions i give for my comfort. If the government wanted to, they could totally pull up this stuff and label me a terrorist and throw me in prison indefinitely.


thanks for all the info guys. sounds like TAILS is the way to go. exactly what ive been looking for

[WarHammerFiveFive]

Quote:

It's true that they are stripped off the packets before they're sent over
the Internet. But if Uncle Bug-Breath (Or whoever) is able to interrogate
your hardware with "Something", they can find it.

And that's the question... have they got such a "Something"? You can
bet your ass they're thinking about it.

Oh, they do, my friend, they do:
http://en.wikipedia.org/wiki/Compute...dress_Verifier
http://en.wikipedia.org/wiki/Magic_Lantern_(software)

Although using TAILS would defeat these pieces of software in my opinion.

Quote:

i dont want future employers to be able to see all the crazy stuff i look up thats related to this site.

An unfounded fear, I don't think employers have the vast resources or the interest to go that far. As long as your user name doesn't lead back to you. You would be very surprised at how many users on this site I have (out of curiosity) positively identified through 5 minutes and the use of Google and a couple other sites. One of my number one rules on the internet:
NEVER use the same user name twice. Somebody I was in a flame war with on a site years ago narrowed me down to my city and job occupation based on my naive internet behavior. He didn't get my actual identity but it was far too close for comfort, it was all because I used the same unique user name across multiple sites. I learned from that experience. I won't dare say I'm completely untraceable (certainly not when it comes to the government) but I would venture to say that no users or forum members will ever get even a little bit close to finding out where or who I am.

[BoycottTheDay]

Quote:

Originally Posted by Backwoods406

if you don't stick out in a crowd no one will ever know you where there.

I found a hippy chick using a local boatyards wireless network, i knew what she
was doing, confronted her about it, said the cops were coming to take her
laptop. Wow did she bug out.

Never saw the little vermin around here again.

[Savinkov]

Quote:

Originally Posted by WarHammerFiveFive

Oh, they do, my friend, they do:
http://en.wikipedia.org/wiki/Compute...dress_Verifier
http://en.wikipedia.org/wiki/Magic_Lantern_(software)

Although using TAILS would defeat these pieces of software in my opinion.

.
.
.

WEll, whaddyaknow... Uncle Bug-Breath is already doing EXACTLY what I
thought he'd be already doing. (Isn't he *cute*?). (thanx for that, btw...
always helps to have my paranoia corroborated.)

Quote:

Originally Posted by WarHammerFiveFive

Although using TAILS would defeat these pieces of software in my opinion.

yeah... it sounds like it's the moral equivalent of a complete fresh OS install,
which is the moral equivalent of a single-use key or "tearoff pad" encryption
scheme... very difficult for Jackboot Janet to defeat

Using Linux or a MAC (yuck) probably helps... I doubt if Janet has the
resources to infest more than the Windows OS. plus you can deploy
authentication resources on Linux that make her infestation a lot more
difficult than it is with Windows where they basically can get MicroSuck
to incorporate stuff that looks like it's just part of the Windows release...

Ken Thompson gave an interesting lecture back in 1984 (I think)

http://www.ece.cmu.edu/~ganger/712.f...1-thompson.pdf

IF I undersatand correctly... that means we're up against a fundamental
logical conundrum in even *attempting* to protect anything. but we can
certainly raise the bar high enough that Janet can't climb over it without
exposing herself (YUCK...).

[WarHammerFiveFive]

Quote:

DECAF - This defeats the standard FBI and police forensics program called CAFFEINE.

It's called COFFEE, not CAFFEINE, just FYI... I've played around with it. It's meant to acquire data from a live environment, it's not used nearly as much as offline data acquisition programs like FTK or Encase.

[Dark Storm]

I know exactly what I'm talking about.

One thing you need to realize is that if the government wants to, they WILL track you. Nothing can prevent that. They'll get a court order and issue a CALEA request to your ISP which is basically a "wiretap" on your internet. Everything you send or receive on the wire is read by them.
The ONLY way to beat ISP "wiretapping" is to use TOR (The Onion Router) or a similar product, which will encrypt everything between your computer and the network of TOR nodes. You can find there at http://torproject.org.

Nothing is 100%, not even TOR, but the only attacks on it are fairly exotic. Nothing short of the focused efforts of an entire department of either the FBI, NSA, or CIA will be able to execute the exotic attacks required to successfully attack TOR. This means your local or even state police department, no matter how many *hackers* they have, will be able to spend the money and time to break it.

The next MUST is that you MUST ALWAYS use HTTPS. It won't hide the websites you're looking at or the identifying cookies you send but it encrypts everything else.

Next, you CANNOT use flash or java. Uninstall both of these from your system.
Also, either disable javascript in your browser settings or install the noscript equivalent for your browser. Noscript is a browser addon for firefox and I believe chrome.

There are still kinks in this armor, but its the very best that can be had. You should research more thoroughly, though, because there are a few caveats to using TOR that you will understand once you learn how it works.

[Amra910]

Reading this I learned a little something. For some reason duplicate user names never occurred to me. I'll start using my random password generator to make user names. Thanks.

[The Drunk Guy]

Quote:

Originally Posted by John_Auberry

When I watch porn I delete the history.........wife caught on so now after I delete it I go to lots of random websites to though her off.

I use Firefox's Private Browsing feature to keep the little lady out of my porn history. BUT....she is fully aware I look at porn. Its more of an "out of sight, out of mind" deal.

[Savinkov]

Quote:

Originally Posted by Dark Storm

.
.
.
They'll get a court order and issue a CALEA request to your ISP which is basically a "wiretap" on your internet. Everything you send or receive on the wire is read by them.

That's true if they already suspect you of something... but if that's the
case, you already blew it by getting on their radar. Most of the debate
here is how to avoid *that* in the first place. Yeah, they *can* read
*anything* if they're really after it... unless *all* the data is somehow
encrypted at, what is it - 256 bits right now? there's some level beyond
which even NSA can't crack it... But that isn't even possible for web surfing
anyway - HTTPS won't support it AFAIK

Quote:

Originally Posted by Dark Storm

.
.
The ONLY way to beat ISP "wiretapping" is to use TOR (The Onion Router) or a similar product, which will encrypt everything between your computer and the network of TOR nodes.

How does it compare with "anon-proxy" (JAP)?

[zbx]

i think JAP is JonDo now right?

[Dark Storm]

I had never heard of JAP or JonDom before but it looks very similar to TOR.

[mdmzero]

The first step is don't use google (chrome). If Google went to all of the trouble to BYPASS Internet Explorer and Safari security settings what do you think the security settings in chrome mean to them? They track everything you do and if you are lucky and have many google affiliated services they bundle all the histories together and at the minimum share with advertisers and store it in 1 place for hackers. At the worst there have always been rumors that they work with the government or were even helped with startup money by the government.

Even if what you are doing isn't legal now, who knows if it'll be made illegal in the future. Tomorrow the government could ban prepping and all those times you googled for "SHTF SURVIVAL KNIFE" or youtubed for "KA-BAR review" "survival forums" could lead them to target you.

At the minimum connect to a VPN, then connect to TOR, then don't use your name on anything. Its not perfect but its something.

Also stop using google for searching as well, use https://duckduckgo.com .

[mdmzero]

some might say using tor alone would target you, thats why I said connect to a vpn first.

[fsck]

sorry to revive an old thread, but i wanted to mention a point about clearing/deleting files, running ccleaner, etc.

if you're running a recent version of windows, you've got restore points, which uses a service called VSS (volume shadow copy, not sure of the exact acronym). VSS backs up system and data files.

i don't remember the default configuration of restore points/shadow copy, but i do know that you'll often get a restore point when you install an application. on my win7 box, i have it configured to create restore points daily, which gives me plenty of fallbacks if i delete the wrong files or otherwise screw the goose.

the point is, depending on configuration, those restore points may capture user data that you want to keep private, including browser history.

restore points/shadow copy is a useful service. you can use mklink to mount a shadow copy much as you would a network share, then browse through it to recover deleted files.

but if you're deleting files to secure info against a forensic examination, those restore points are one thing that could tell on you.